Please explain: Difference in blocking IPv4 and IPv6?

General Beta 5.0
46

Done.
Opened a new tab (Edge browser) and typed www.msn.com -> page could NOT be displayed (blocked, as far as the browser is concerned)

In the web interface, query log:

image
image2346×281 12.1 KB

Relevant content of the FTL log:

[2020-01-29 09:21:53.985 607] **** new UDP query[A] "www.msn.com" from 192.168.2.228 (ID 3941, FTL 10090, src/dnsmasq/forward.c:1571)
[2020-01-29 09:21:53.985 607] www.msn.com is not known
[2020-01-29 09:21:53.987 607] **** forwarded www.msn.com to fdaa:bbcc:ddee:2::5552 (ID 3941, src/dnsmasq/forward.c:566)
[2020-01-29 09:21:53.987 607] www.msn.com is known as not to be blocked
[2020-01-29 09:21:53.987 607] CNAME www.msn.com
[2020-01-29 09:21:53.987 607] **** got reply www.msn.com is (CNAME) (ID 3941, src/dnsmasq/cache.c:487)
[2020-01-29 09:21:53.988 607] www-msn-com.a-0003.a-msedge.net is not known
[2020-01-29 09:21:53.988 607] CNAME www.msn.com ---> www-msn-com.a-0003.a-msedge.net
[2020-01-29 09:21:53.988 607] **** got reply www-msn-com.a-0003.a-msedge.net is (CNAME) (ID 3941, src/dnsmasq/cache.c:487)
[2020-01-29 09:21:53.989 607] a-0003.a-msedge.net is not known
[2020-01-29 09:21:53.989 607] Blocking a-0003.a-msedge.net as domain is gravity blocked
[2020-01-29 09:21:53.989 607] CNAME www-msn-com.a-0003.a-msedge.net ---> a-0003.a-msedge.net
[2020-01-29 09:21:53.990 607] **** new UDP query[AAAA] "www.msn.com" from 192.168.2.228 (ID 3942, FTL 10091, src/dnsmasq/forward.c:1571)
[2020-01-29 09:21:53.990 607] www.msn.com is known as not to be blocked
[2020-01-29 09:21:53.990 607] **** forwarded www.msn.com to fdaa:bbcc:ddee:2::5552 (ID 3942, src/dnsmasq/forward.c:566)
[2020-01-29 09:21:53.991 607] www.msn.com is known as not to be blocked
[2020-01-29 09:21:53.991 607] CNAME www.msn.com
[2020-01-29 09:21:53.991 607] **** got reply www.msn.com is (CNAME) (ID 3942, src/dnsmasq/cache.c:487)
[2020-01-29 09:21:53.991 607] www-msn-com.a-0003.a-msedge.net is known as not to be blocked
[2020-01-29 09:21:53.991 607] CNAME www.msn.com ---> www-msn-com.a-0003.a-msedge.net
[2020-01-29 09:21:53.991 607] **** got reply www-msn-com.a-0003.a-msedge.net is (CNAME) (ID 3942, src/dnsmasq/cache.c:487)
[2020-01-29 09:21:53.992 607] **** got reply a-0003.a-msedge.net is (NODATA) (ID 3942, src/dnsmasq/cache.c:487)
[2020-01-29 09:21:54.377 607] **** new UDP query[AAAA] "www.msn.com" from 192.168.2.228 (ID 3943, FTL 10092, src/dnsmasq/forward.c:1571)
[2020-01-29 09:21:54.377 607] www.msn.com is known as not to be blocked
[2020-01-29 09:21:54.378 607] **** forwarded www.msn.com to fdaa:bbcc:ddee:2::5552 (ID 3943, src/dnsmasq/forward.c:566)
[2020-01-29 09:21:54.378 607] www.msn.com is known as not to be blocked
[2020-01-29 09:21:54.378 607] CNAME www.msn.com
[2020-01-29 09:21:54.378 607] **** got reply www.msn.com is (CNAME) (ID 3943, src/dnsmasq/cache.c:487)
[2020-01-29 09:21:54.379 607] www-msn-com.a-0003.a-msedge.net is known as not to be blocked
[2020-01-29 09:21:54.379 607] CNAME www.msn.com ---> www-msn-com.a-0003.a-msedge.net
[2020-01-29 09:21:54.379 607] **** got reply www-msn-com.a-0003.a-msedge.net is (CNAME) (ID 3943, src/dnsmasq/cache.c:487)
[2020-01-29 09:21:54.379 607] **** got reply a-0003.a-msedge.net is (NODATA) (ID 3943, src/dnsmasq/cache.c:487)
47

Would be a nice solution. Thanks.

48

Found another one

image
image2336×328 14.1 KB

´´´
pihole -q ctldl.windowsupdate.com
[i] No results found for ctldl.windowsupdate.com within the block lists

49

Isn't this the same as my example (see also explanation of @DL6ER)?
My example blocked by regex this one by gravity.

50

I just want to point out it isn't related to a specific domain name, the problem occurs sometimes (I've been looking for examples all day), different domains, NOT very often.

51

First version available through

pihole checkout ftl new/CNAME_inspection_details
pihole checkout web new/CNAME_inspection_details

Screenshot at 2020-01-29 22-57-40
Screenshot at 2020-01-29 22-57-40935×108 11.2 KB

How the domain is shown can surely be discussed, I'm not a big fan of putting it in parentheses as shown here.

1 Like
52

Concerning www.msn.com: Not sure why I haven't noticed this before, but the reason for the difference here is that the last element of the CNAME chain ( a-0003.a-msedge.net) comes back empty (NODATA) leading to us skipping the analysis of this step. As there is nothing that could be blocked (as there is no content), there is also no need to analyze this last step.

Concerning ctldl.windowsupdate.com: I kindly ask for the pihole-FTL.log excerpt. My standard blocking list does not contain anything that would block anything here.

53

I can't duplicate this. As I mentioned (pihole -q) I also have no gravity entry for this domain. Only the screenshot shows it has been blocked once, when I try this from a browser, all entries for the domain now show OK (forwarded), however, my screenshot shows it did happened at least once. The lookup is triggered by windows update (background service), NOT something I can control.

54

Did FTL still run in debug mode at this time? If so, you can just look for the time and extract the relevant lines from the log.

55

Unfortunately NO, I only activate this when I really need to.

1 Like
56

No worries, when you want, you can try the two new branches. They will add the domain to the Query Log on the web so you can get the information even when you're not in debug mode.

58

I'm now on beta5, only got 3 FTL updates the last few days.

When I go to a new branch 'new/CNAME_inspection_details', can I go back to the Beta5 branch, after I'm done testing OR do I need to setup from scratch again (etcher v4.3.2 image)?

59

Yes. It's fully backwards compatible. The changes will be merged into the beta at some point.

60

Works as in the picture.

1 Like
63

installed...

opened in browser (edge) -> blocked (can't reach this page).
result:

image
image2361×381 15.7 KB

64

and again pihole FTL query debug enabled:

image
image2365×284 12.7 KB 

[2020-01-30 16:08:15.164 9241] FTL_db warn: STATUS should be within [0,8] but is 9
[2020-01-30 16:08:15.164 9241] FTL_db warn: STATUS should be within [0,8] but is 9
[2020-01-30 16:08:15.164 9241] FTL_db warn: STATUS should be within [0,8] but is 9
[2020-01-30 16:08:15.165 9241] FTL_db warn: STATUS should be within [0,8] but is 9
[2020-01-30 16:08:15.165 9241] FTL_db warn: STATUS should be within [0,8] but is 9

[2020-01-30 16:09:06.759 9243] Compiled 1 whitelist and 20 blacklist regex filters in 8.8 msec
[2020-01-30 16:09:06.761 9243] **** new UDP query[A] "www.msn.com" from 192.168.2.228 (ID 1, FTL 9306, src/dnsmasq/forward.c:1571)
[2020-01-30 16:09:06.762 9243] www.msn.com is not known
[2020-01-30 16:09:06.763 9243] **** forwarded www.msn.com to fdaa:bbcc:ddee:2::5552 (ID 1, src/dnsmasq/forward.c:566)
[2020-01-30 16:09:06.764 9243] **** forwarded www.msn.com to 127.10.10.2 (ID 1, src/dnsmasq/forward.c:558)
[2020-01-30 16:09:06.764 9243] www.msn.com is known as not to be blocked
[2020-01-30 16:09:06.764 9243] CNAME www.msn.com
[2020-01-30 16:09:06.765 9243] **** got reply www.msn.com is (CNAME) (ID 1, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.765 9243] www-msn-com.a-0003.a-msedge.net is not known
[2020-01-30 16:09:06.765 9243] CNAME www.msn.com ---> www-msn-com.a-0003.a-msedge.net
[2020-01-30 16:09:06.766 9243] **** got reply www-msn-com.a-0003.a-msedge.net is (CNAME) (ID 1, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.766 9243] a-0003.a-msedge.net is not known
[2020-01-30 16:09:06.766 9243] Blocking a-0003.a-msedge.net as domain is gravity blocked
[2020-01-30 16:09:06.766 9243] CNAME www-msn-com.a-0003.a-msedge.net ---> a-0003.a-msedge.net
[2020-01-30 16:09:06.767 9243] **** new UDP query[AAAA] "www.msn.com" from 192.168.2.228 (ID 2, FTL 9307, src/dnsmasq/forward.c:1571)
[2020-01-30 16:09:06.767 9243] www.msn.com is known as not to be blocked
[2020-01-30 16:09:06.767 9243] **** forwarded www.msn.com to fdaa:bbcc:ddee:2::5552 (ID 2, src/dnsmasq/forward.c:566)
[2020-01-30 16:09:06.768 9243] **** new UDP query[A] "www.msn.com" from 192.168.2.228 (ID 3, FTL 9308, src/dnsmasq/forward.c:1571)
[2020-01-30 16:09:06.768 9243] www.msn.com is known as not to be blocked
[2020-01-30 16:09:06.768 9243] **** forwarded www.msn.com to fdaa:bbcc:ddee:2::5552 (ID 3, src/dnsmasq/forward.c:566)
[2020-01-30 16:09:06.769 9243] www.msn.com is known as not to be blocked
[2020-01-30 16:09:06.769 9243] CNAME www.msn.com
[2020-01-30 16:09:06.769 9243] **** got reply www.msn.com is (CNAME) (ID 2, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.769 9243] www-msn-com.a-0003.a-msedge.net is known as not to be blocked
[2020-01-30 16:09:06.769 9243] CNAME www.msn.com ---> www-msn-com.a-0003.a-msedge.net
[2020-01-30 16:09:06.769 9243] **** got reply www-msn-com.a-0003.a-msedge.net is (CNAME) (ID 2, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.770 9243] **** got reply a-0003.a-msedge.net is (NODATA) (ID 2, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.770 9243] www.msn.com is known as not to be blocked
[2020-01-30 16:09:06.770 9243] CNAME www.msn.com
[2020-01-30 16:09:06.770 9243] **** got reply www.msn.com is (CNAME) (ID 3, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.770 9243] www-msn-com.a-0003.a-msedge.net is known as not to be blocked
[2020-01-30 16:09:06.770 9243] CNAME www.msn.com ---> www-msn-com.a-0003.a-msedge.net
[2020-01-30 16:09:06.771 9243] **** got reply www-msn-com.a-0003.a-msedge.net is (CNAME) (ID 3, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.771 9243] a-0003.a-msedge.net is known as gravity blocked
[2020-01-30 16:09:06.771 9243] CNAME www-msn-com.a-0003.a-msedge.net ---> a-0003.a-msedge.net
[2020-01-30 16:09:06.771 9243] **** new UDP query[AAAA] "www.msn.com" from 192.168.2.228 (ID 4, FTL 9309, src/dnsmasq/forward.c:1571)
[2020-01-30 16:09:06.771 9243] www.msn.com is known as not to be blocked
[2020-01-30 16:09:06.772 9243] **** forwarded www.msn.com to fdaa:bbcc:ddee:2::5552 (ID 4, src/dnsmasq/forward.c:566)
[2020-01-30 16:09:06.772 9243] www.msn.com is known as not to be blocked
[2020-01-30 16:09:06.772 9243] CNAME www.msn.com
[2020-01-30 16:09:06.773 9243] **** got reply www.msn.com is (CNAME) (ID 4, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.773 9243] www-msn-com.a-0003.a-msedge.net is known as not to be blocked
[2020-01-30 16:09:06.773 9243] CNAME www.msn.com ---> www-msn-com.a-0003.a-msedge.net
[2020-01-30 16:09:06.773 9243] **** got reply www-msn-com.a-0003.a-msedge.net is (CNAME) (ID 4, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.773 9243] **** got reply a-0003.a-msedge.net is (NODATA) (ID 4, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.774 9243] **** new UDP query[A] "www.msn.com" from 192.168.2.228 (ID 5, FTL 9310, src/dnsmasq/forward.c:1571)
[2020-01-30 16:09:06.774 9243] www.msn.com is known as not to be blocked
[2020-01-30 16:09:06.774 9243] **** got cache answer for www.msn.com /  / <unknown> (ID 5, src/dnsmasq/rfc1035.c:1714)
[2020-01-30 16:09:06.774 9243] **** forwarded www.msn.com to fdaa:bbcc:ddee:2::5552 (ID 5, src/dnsmasq/forward.c:566)
[2020-01-30 16:09:06.775 9243] www.msn.com is known as not to be blocked
[2020-01-30 16:09:06.775 9243] CNAME www.msn.com
[2020-01-30 16:09:06.775 9243] **** got reply www.msn.com is (CNAME) (ID 5, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.775 9243] www-msn-com.a-0003.a-msedge.net is known as not to be blocked
[2020-01-30 16:09:06.775 9243] CNAME www.msn.com ---> www-msn-com.a-0003.a-msedge.net
[2020-01-30 16:09:06.776 9243] **** got reply www-msn-com.a-0003.a-msedge.net is (CNAME) (ID 5, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.776 9243] a-0003.a-msedge.net is known as gravity blocked
[2020-01-30 16:09:06.776 9243] CNAME www-msn-com.a-0003.a-msedge.net ---> a-0003.a-msedge.net
[2020-01-30 16:09:06.776 9243] **** new UDP query[AAAA] "www.msn.com" from 192.168.2.228 (ID 6, FTL 9311, src/dnsmasq/forward.c:1571)
[2020-01-30 16:09:06.776 9243] www.msn.com is known as not to be blocked
[2020-01-30 16:09:06.777 9243] **** forwarded www.msn.com to fdaa:bbcc:ddee:2::5552 (ID 6, src/dnsmasq/forward.c:566)
[2020-01-30 16:09:06.777 9243] www.msn.com is known as not to be blocked
[2020-01-30 16:09:06.777 9243] CNAME www.msn.com
[2020-01-30 16:09:06.777 9243] **** got reply www.msn.com is (CNAME) (ID 6, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.778 9243] www-msn-com.a-0003.a-msedge.net is known as not to be blocked
[2020-01-30 16:09:06.778 9243] CNAME www.msn.com ---> www-msn-com.a-0003.a-msedge.net
[2020-01-30 16:09:06.778 9243] **** got reply www-msn-com.a-0003.a-msedge.net is (CNAME) (ID 6, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.778 9243] **** got reply a-0003.a-msedge.net is (NODATA) (ID 6, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.778 9243] **** new UDP query[A] "www.msn.com" from 192.168.2.228 (ID 7, FTL 9312, src/dnsmasq/forward.c:1571)
[2020-01-30 16:09:06.779 9243] www.msn.com is known as not to be blocked
[2020-01-30 16:09:06.779 9243] **** got cache answer for www.msn.com /  / <unknown> (ID 7, src/dnsmasq/rfc1035.c:1714)
[2020-01-30 16:09:06.779 9243] **** forwarded www.msn.com to fdaa:bbcc:ddee:2::5552 (ID 7, src/dnsmasq/forward.c:566)
[2020-01-30 16:09:06.780 9243] www.msn.com is known as not to be blocked
[2020-01-30 16:09:06.780 9243] CNAME www.msn.com
[2020-01-30 16:09:06.780 9243] **** got reply www.msn.com is (CNAME) (ID 7, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.780 9243] www-msn-com.a-0003.a-msedge.net is known as not to be blocked
[2020-01-30 16:09:06.780 9243] CNAME www.msn.com ---> www-msn-com.a-0003.a-msedge.net
[2020-01-30 16:09:06.781 9243] **** got reply www-msn-com.a-0003.a-msedge.net is (CNAME) (ID 7, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.781 9243] a-0003.a-msedge.net is known as gravity blocked
[2020-01-30 16:09:06.781 9243] CNAME www-msn-com.a-0003.a-msedge.net ---> a-0003.a-msedge.net
[2020-01-30 16:09:06.781 9243] **** new UDP query[AAAA] "www.msn.com" from 192.168.2.228 (ID 8, FTL 9313, src/dnsmasq/forward.c:1571)
[2020-01-30 16:09:06.782 9243] www.msn.com is known as not to be blocked
[2020-01-30 16:09:06.782 9243] **** forwarded www.msn.com to fdaa:bbcc:ddee:2::5552 (ID 8, src/dnsmasq/forward.c:566)
[2020-01-30 16:09:06.782 9243] www.msn.com is known as not to be blocked
[2020-01-30 16:09:06.782 9243] CNAME www.msn.com
[2020-01-30 16:09:06.783 9243] **** got reply www.msn.com is (CNAME) (ID 8, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.783 9243] www-msn-com.a-0003.a-msedge.net is known as not to be blocked
[2020-01-30 16:09:06.783 9243] CNAME www.msn.com ---> www-msn-com.a-0003.a-msedge.net
[2020-01-30 16:09:06.784 9243] **** got reply www-msn-com.a-0003.a-msedge.net is (CNAME) (ID 8, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.784 9243] **** got reply a-0003.a-msedge.net is (NODATA) (ID 8, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.784 9243] **** new UDP query[A] "www.msn.com" from 192.168.2.228 (ID 9, FTL 9314, src/dnsmasq/forward.c:1571)
[2020-01-30 16:09:06.785 9243] www.msn.com is known as not to be blocked
[2020-01-30 16:09:06.785 9243] **** got cache answer for www.msn.com /  / <unknown> (ID 9, src/dnsmasq/rfc1035.c:1714)
[2020-01-30 16:09:06.785 9243] **** forwarded www.msn.com to fdaa:bbcc:ddee:2::5552 (ID 9, src/dnsmasq/forward.c:566)
[2020-01-30 16:09:06.785 9243] www.msn.com is known as not to be blocked
[2020-01-30 16:09:06.785 9243] CNAME www.msn.com
[2020-01-30 16:09:06.786 9243] **** got reply www.msn.com is (CNAME) (ID 9, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.786 9243] www-msn-com.a-0003.a-msedge.net is known as not to be blocked
[2020-01-30 16:09:06.786 9243] CNAME www.msn.com ---> www-msn-com.a-0003.a-msedge.net
[2020-01-30 16:09:06.786 9243] **** got reply www-msn-com.a-0003.a-msedge.net is (CNAME) (ID 9, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.786 9243] a-0003.a-msedge.net is known as gravity blocked
[2020-01-30 16:09:06.786 9243] CNAME www-msn-com.a-0003.a-msedge.net ---> a-0003.a-msedge.net
[2020-01-30 16:09:06.787 9243] **** new UDP query[AAAA] "www.msn.com" from 192.168.2.228 (ID 10, FTL 9315, src/dnsmasq/forward.c:1571)
[2020-01-30 16:09:06.787 9243] www.msn.com is known as not to be blocked
[2020-01-30 16:09:06.787 9243] **** forwarded www.msn.com to fdaa:bbcc:ddee:2::5552 (ID 10, src/dnsmasq/forward.c:566)
[2020-01-30 16:09:06.788 9243] www.msn.com is known as not to be blocked
[2020-01-30 16:09:06.788 9243] CNAME www.msn.com
[2020-01-30 16:09:06.788 9243] **** got reply www.msn.com is (CNAME) (ID 10, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.789 9243] www-msn-com.a-0003.a-msedge.net is known as not to be blocked
[2020-01-30 16:09:06.789 9243] CNAME www.msn.com ---> www-msn-com.a-0003.a-msedge.net
[2020-01-30 16:09:06.789 9243] **** got reply www-msn-com.a-0003.a-msedge.net is (CNAME) (ID 10, src/dnsmasq/cache.c:487)
[2020-01-30 16:09:06.789 9243] **** got reply a-0003.a-msedge.net is (NODATA) (ID 10, src/dnsmasq/cache.c:487)
65

system has been up and running for a few hours now. suddenly things appear to work, I haven't changed anything.

image
image2333×293 14.8 KB

66

Browser caching issue. Please don't forget to clear the cache when updating web stuff. The previously displayed Unknown (9) was due to old, cached Javascript code that was not yet aware of the new CNAME blocking modes.

67

I just retrieved an update for the web interface, installed and cleared the cache.

image
image2437×296 17 KB

mouseover on the (blocked domain), tooltip says 'Click to show only queries with domain....'

When I click …

image
image1862×717 15.5 KB

Also notice the blocked and allowed domain name are the same (this time both A entries)...

68

The best way to help us debug and add features would be to use a stock system, installed via our installer command, and starting fresh. If that shows issues then it's something for us to investigate. If you can not duplicate the situations with a known base that everyone can access then it's likely not an issue we can resolve.